chore(deps): bump the npm_and_yarn group across 4 directories with 7 updates

[dependabot]

Bumps the npm_and_yarn group with 2 updates in the /src/list directory: axios and vue.
Bumps the npm_and_yarn group with 2 updates in the /src/list/frontend directory: axios and vue.
Bumps the npm_and_yarn group with 3 updates in the /src/list/frontend/tests/e2e directory: @cypress/request, lodash and tmp.
Bumps the npm_and_yarn group with 1 update in the /src/list/server directory: axios.

Updates axios from 1.13.2 to 1.13.5

Release notes

Sourced from axios's releases.

v1.13.5

Release 1.13.5

Highlights

• Security: Fixed a potential Denial of Service issue involving the __proto__ key in mergeConfig. (PR #7369)
• Bug fix: Resolved an issue where AxiosError could be missing the status field on and after v1.13.3. (PR #7368)

Changes

Security

• Fix Denial of Service via __proto__ key in mergeConfig. (PR #7369)

Fixes

• Fix/5657. (PR #7313)
• Ensure status is present in AxiosError on and after v1.13.3. (PR #7368)

Features / Improvements

• Add input validation to isAbsoluteURL. (PR #7326)
• Refactor: bump minor package versions. (PR #7356)

Documentation

• Clarify object-check comment. (PR #7323)
• Fix deprecated Buffer constructor usage and README formatting. (PR #7371)

CI / Maintenance

• Chore: fix issues with YAML. (PR #7355)
• CI: update workflow YAMLs. (PR #7372)
• CI: fix run condition. (PR #7373)
• Dev deps: bump karma-sourcemap-loader from 0.3.8 to 0.4.0. (PR #7360)
• Chore(release): prepare release 1.13.5. (PR #7379)

New Contributors

• @​sachin11063 (first contribution — PR #7323)
• @​asmitha-16 (first contribution — PR #7326)

Full Changelog: axios/axios@v1.13.4...v1.13.5

v1.13.4

Overview

The release addresses issues discovered in v1.13.3 and includes significant CI/CD improvements.

Full Changelog: v1.13.3...v1.13.4

What's New in v1.13.4

Bug Fixes

• fix: issues with version 1.13.3 (#7352) (ee90dfc)
  • Fixed issues discovered in v1.13.3 release

... (truncated)

Changelog

Sourced from axios's changelog.

Changelog

1.13.3 (2026-01-20)

Bug Fixes

• http2: Use port 443 for HTTPS connections by default. (#7256) (d7e6065)
• interceptor: handle the error in the same interceptor (#6269) (5945e40)
• main field in package.json should correspond to cjs artifacts (#5756) (7373fbf)
• package.json: add 'bun' package.json 'exports' condition. Load the Node.js build in Bun instead of the browser build (#5754) (b89217e)
• silentJSONParsing=false should throw on invalid JSON (#7253) (#7257) (7d19335)
• turn AxiosError into a native error (#5394) (#5558) (1c6a86d)
• types: add handlers to AxiosInterceptorManager interface (#5551) (8d1271b)
• types: restore AxiosError.cause type from unknown to Error (#7327) (d8233d9)
• unclear error message is thrown when specifying an empty proxy authorization (#6314) (6ef867e)

Features

• add undefined as a value in AxiosRequestConfig (#5560) (095033c)
• add automatic minor and patch upgrades to dependabot (#6053) (65a7584)
• add Node.js coverage script using c8 (closes #7289) (#7294) (ec9d94e)
• added copilot instructions (3f83143)
• compatibility with frozen prototypes (#6265) (860e033)
• enhance pipeFileToResponse with error handling (#7169) (88d7884)
• types: Intellisense for string literals in a widened union (#6134) (f73474d), closes microsoft/TypeScript#33471

Reverts

• Revert "fix: silentJSONParsing=false should throw on invalid JSON (#7253) (#7…" (#7298) (a4230f5), closes #7253 #7 #7298
• deps: bump peter-evans/create-pull-request from 7 to 8 in the github-actions group (#7334) (2d6ad5e)

Contributors to this release

• Ashvin Tiwari
• Nikunj Mochi
• Anchal Singh
• jasonsaayman
• Julian Dax
• Akash Dhar Dubey
• Madhumita
• Tackoil
• Justin Dhillon
• Rudransh
• WuMingDao
• codenomnom
• Nandan Acharya
• Eric Dubé
• Tibor Pilz
• Gabriel Quaresma
• Turadg Aleahmad

... (truncated)

Commits

• 29f7542 chore(release): prepare release 1.13.5 (#7379)
• 431c3a3 ci: fix run condition (#7373)
• 9ff3a78 ci: update ymls (#7372)
• 265b712 docs: fix deprecated Buffer constructor and formatting issues in README (#7371)
• 475e75a feat: add input validation to isAbsoluteURL (#7326)
• 28c7215 fix: Denial of Service via proto Key in mergeConfig (#7369)
• 04cf019 docs: clarify object check comment (#7323)
• 696fa75 fix: status is missing in AxiosError on and after v1.13.3 (#7368)
• 569f028 fix: added a option to choose between legacy and the new request/response int...
• 44b7c9f chore(deps-dev): bump karma-sourcemap-loader (#7360)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for axios since your current version.

Updates vue from 2.7.16 to 3.0.0

Changelog

Sourced from vue's changelog.

3.0.0 (2020-09-18)

3.0.0-rc.13 (2020-09-18)

Bug Fixes

• hmr: make hmr working with class components (#2144) (422f05e)
• reactivity: avoid length mutating array methods causing infinite updates (#2138) (f316a33), closes #2137
• suspense: should discard unmount effects of invalidated pending branch (5bfcad1)
• types: component instance inference without props (#2145) (57bdaa2)

Code Refactoring

• watch APIs default to trigger pre-flush (49bb447), closes vuejs/vue-next#1706

Features

• runtime-core: support using inject() inside props default functions (58c31e3)
• watch: support dot-delimited path in watch option (1c9a0b3)

BREAKING CHANGES

• watch APIs now default to use flush: 'pre' instead of flush: 'post'. This change affects watch, watchEffect, the watch component option, and this.$watch. See (49bb447) for more details.

3.0.0-rc.12 (2020-09-16)

Bug Fixes

• reactivity: effect should only recursively self trigger with explicit options (3810de7), closes #2125
• runtime-core: ensure root stable fragments inherit elements for moving (bebd44f), closes #2134
• runtime-core: should still do full traverse of stable fragment children in dev + hmr (dd40ad8)
• runtime-core/async-component: fix error component when there are no error handlers (c7b4a37), closes #2129
• types/tsx: optional props from Mixin/Extends are treated as required (#2048) (89e9ab8)

Features

• compiler-sfc: additionalData support for css preprocessors (#2126) (066d514)

3.0.0-rc.11 (2020-09-15)

... (truncated)

Commits

• See full diff in compare view

Updates axios from 1.13.2 to 1.13.5

Release notes

Sourced from axios's releases.

v1.13.5

Release 1.13.5

Highlights

• Security: Fixed a potential Denial of Service issue involving the __proto__ key in mergeConfig. (PR #7369)
• Bug fix: Resolved an issue where AxiosError could be missing the status field on and after v1.13.3. (PR #7368)

Changes

Security

• Fix Denial of Service via __proto__ key in mergeConfig. (PR #7369)

Fixes

• Fix/5657. (PR #7313)
• Ensure status is present in AxiosError on and after v1.13.3. (PR #7368)

Features / Improvements

• Add input validation to isAbsoluteURL. (PR #7326)
• Refactor: bump minor package versions. (PR #7356)

Documentation

• Clarify object-check comment. (PR #7323)
• Fix deprecated Buffer constructor usage and README formatting. (PR #7371)

CI / Maintenance

• Chore: fix issues with YAML. (PR #7355)
• CI: update workflow YAMLs. (PR #7372)
• CI: fix run condition. (PR #7373)
• Dev deps: bump karma-sourcemap-loader from 0.3.8 to 0.4.0. (PR #7360)
• Chore(release): prepare release 1.13.5. (PR #7379)

New Contributors

• @​sachin11063 (first contribution — PR #7323)
• @​asmitha-16 (first contribution — PR #7326)

Full Changelog: axios/axios@v1.13.4...v1.13.5

v1.13.4

Overview

The release addresses issues discovered in v1.13.3 and includes significant CI/CD improvements.

Full Changelog: v1.13.3...v1.13.4

What's New in v1.13.4

Bug Fixes

• fix: issues with version 1.13.3 (#7352) (ee90dfc)
  • Fixed issues discovered in v1.13.3 release

... (truncated)

Changelog

Sourced from axios's changelog.

Changelog

1.13.3 (2026-01-20)

Bug Fixes

• http2: Use port 443 for HTTPS connections by default. (#7256) (d7e6065)
• interceptor: handle the error in the same interceptor (#6269) (5945e40)
• main field in package.json should correspond to cjs artifacts (#5756) (7373fbf)
• package.json: add 'bun' package.json 'exports' condition. Load the Node.js build in Bun instead of the browser build (#5754) (b89217e)
• silentJSONParsing=false should throw on invalid JSON (#7253) (#7257) (7d19335)
• turn AxiosError into a native error (#5394) (#5558) (1c6a86d)
• types: add handlers to AxiosInterceptorManager interface (#5551) (8d1271b)
• types: restore AxiosError.cause type from unknown to Error (#7327) (d8233d9)
• unclear error message is thrown when specifying an empty proxy authorization (#6314) (6ef867e)

Features

• add undefined as a value in AxiosRequestConfig (#5560) (095033c)
• add automatic minor and patch upgrades to dependabot (#6053) (65a7584)
• add Node.js coverage script using c8 (closes #7289) (#7294) (ec9d94e)
• added copilot instructions (3f83143)
• compatibility with frozen prototypes (#6265) (860e033)
• enhance pipeFileToResponse with error handling (#7169) (88d7884)
• types: Intellisense for string literals in a widened union (#6134) (f73474d), closes microsoft/TypeScript#33471

Reverts

• Revert "fix: silentJSONParsing=false should throw on invalid JSON (#7253) (#7…" (#7298) (a4230f5), closes #7253 #7 #7298
• deps: bump peter-evans/create-pull-request from 7 to 8 in the github-actions group (#7334) (2d6ad5e)

Contributors to this release

• Ashvin Tiwari
• Nikunj Mochi
• Anchal Singh
• jasonsaayman
• Julian Dax
• Akash Dhar Dubey
• Madhumita
• Tackoil
• Justin Dhillon
• Rudransh
• WuMingDao
• codenomnom
• Nandan Acharya
• Eric Dubé
• Tibor Pilz
• Gabriel Quaresma
• Turadg Aleahmad

... (truncated)

Commits

• 29f7542 chore(release): prepare release 1.13.5 (#7379)
• 431c3a3 ci: fix run condition (#7373)
• 9ff3a78 ci: update ymls (#7372)
• 265b712 docs: fix deprecated Buffer constructor and formatting issues in README (#7371)
• 475e75a feat: add input validation to isAbsoluteURL (#7326)
• 28c7215 fix: Denial of Service via proto Key in mergeConfig (#7369)
• 04cf019 docs: clarify object check comment (#7323)
• 696fa75 fix: status is missing in AxiosError on and after v1.13.3 (#7368)
• 569f028 fix: added a option to choose between legacy and the new request/response int...
• 44b7c9f chore(deps-dev): bump karma-sourcemap-loader (#7360)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for axios since your current version.

Updates vue from 2.7.16 to 3.0.0

Changelog

Sourced from vue's changelog.

3.0.0 (2020-09-18)

3.0.0-rc.13 (2020-09-18)

Bug Fixes

• hmr: make hmr working with class components (#2144) (422f05e)
• reactivity: avoid length mutating array methods causing infinite updates (#2138) (f316a33), closes #2137
• suspense: should discard unmount effects of invalidated pending branch (5bfcad1)
• types: component instance inference without props (#2145) (57bdaa2)

Code Refactoring

• watch APIs default to trigger pre-flush (49bb447), closes vuejs/vue-next#1706

Features

• runtime-core: support using inject() inside props default functions (58c31e3)
• watch: support dot-delimited path in watch option (1c9a0b3)

BREAKING CHANGES

• watch APIs now default to use flush: 'pre' instead of flush: 'post'. This change affects watch, watchEffect, the watch component option, and this.$watch. See (49bb447) for more details.

3.0.0-rc.12 (2020-09-16)

Bug Fixes

• reactivity: effect should only recursively self trigger with explicit options (3810de7), closes #2125
• runtime-core: ensure root stable fragments inherit elements for moving (bebd44f), closes #2134
• runtime-core: should still do full traverse of stable fragment children in dev + hmr (dd40ad8)
• runtime-core/async-component: fix error component when there are no error handlers (c7b4a37), closes #2129
• types/tsx: optional props from Mixin/Extends are treated as required (#2048) (89e9ab8)

Features

• compiler-sfc: additionalData support for css preprocessors (#2126) (066d514)

3.0.0-rc.11 (2020-09-15)

... (truncated)

Commits

• See full diff in compare view

Updates @cypress/request from 2.88.12 to 3.0.10

Release notes

Sourced from @​cypress/request's releases.

v3.0.10

3.0.10 (2026-01-05)

Bug Fixes

• release cypress-io/request#97 (#102) (e783d90)

v3.0.9

3.0.9 (2025-07-24)

Bug Fixes

• update patch version of form-data to address new critical Snyk vulnerability (a2f3199)

v3.0.8

3.0.8 (2025-03-04)

Bug Fixes

• deps: update dependency qs to v6.14.0 (16066b6)

v3.0.7

3.0.7 (2024-12-09)

Bug Fixes

• deps: update dependency qs to v6.13.1 (00d1835)

v3.0.6

3.0.6 (2024-10-29)

Bug Fixes

• deps: update dependency tough-cookie to v5 (65ad82c)

v3.0.5

3.0.5 (2024-09-09)

Bug Fixes

• deps: update dependency form-data to v4 (6b90580)

v3.0.4

3.0.4 (2024-09-05)

... (truncated)

Commits

• e783d90 fix: release cypress-io/request#97 (#102)
• e3d6845 chore: fix approval/release job (#100)
• cea7bc6 chore: fix broken circle context (#99)
• a5253c3 Merge pull request #97 from hmaesta/master
• 6cc9dde commig yarn.lock
• d0c69d2 chore(deps): allow qs patch versions
• 72bbc6b chore(deps): update qs to v6.14.1
• e02f5cb chore: use npm credentials context (#95)
• 3cffd53 Merge pull request #88 from ahayes91/update-form-data
• 7c424d5 chore: fix lint issue
• Additional commits viewable in compare view

Updates qs from 6.10.4 to 6.14.2

Changelog

Sourced from qs's changelog.

6.14.2

• [Fix] parse: mark overflow objects for indexed notation exceeding arrayLimit (#546)
• [Fix] arrayLimit means max count, not max index, in combine/merge/parseArrayValue
• [Fix] parse: throw on arrayLimit exceeded with indexed notation when throwOnLimitExceeded is true (#529)
• [Fix] parse: enforce arrayLimit on comma-parsed values
• [Fix] parse: fix error message to reflect arrayLimit as max index; remove extraneous comments (#545)
• [Robustness] avoid .push, use void
• [readme] document that addQueryPrefix does not add ? to empty output (#418)
• [readme] clarify parseArrays and arrayLimit documentation (#543)
• [readme] replace runkit CI badge with shields.io check-runs badge
• [meta] fix changelog typo (arrayLength → arrayLimit)
• [actions] fix rebase workflow permissions

6.14.1

• [Fix] ensure arrayLimit applies to [] notation as well
• [Fix] parse: when a custom decoder returns null for a key, ignore that key
• [Refactor] parse: extract key segment splitting helper
• [meta] add threat model
• [actions] add workflow permissions
• [Tests] stringify: increase coverage
• [Dev Deps] update eslint, @ljharb/eslint-config, npmignore, es-value-fixtures, for-each, object-inspect

6.14.0

• [New] parse: add throwOnParameterLimitExceeded option (#517)
• [Refactor] parse: use utils.combine more
• [patch] parse: add explicit throwOnLimitExceeded default
• [actions] use shared action; re-add finishers
• [meta] Fix changelog formatting bug
• [Deps] update side-channel
• [Dev Deps] update es-value-fixtures, has-bigints, has-proto, has-symbols
• [Tests] increase coverage

6.13.3

[Fix] fix regressions from robustness refactor [actions] update reusable workflows

6.13.2

• [Robustness] avoid .push, use void
• [readme] clarify parseArrays and arrayLimit documentation (#543)
• [readme] document that addQueryPrefix does not add ? to empty output (#418)
• [readme] replace runkit CI badge with shields.io check-runs badge
• [actions] fix rebase workflow permissions

6.13.1

• [Fix] stringify: avoid a crash when a filter key is null
• [Fix] utils.merge: functions should not be stringified into keys
• [Fix] parse: avoid a crash with interpretNumericEntities: true, comma: true, and iso charset
• [Fix] stringify: ensure a non-string filter does not crash
• [Refactor] use __proto__ syntax instead of Object.create for null objects
• [Refactor] misc cleanup

... (truncated)

Commits

• bdcf0c7 v6.14.2
• 294db90 [readme] document that addQueryPrefix does not add ? to empty output
• 5c308e5 [readme] clarify parseArrays and arrayLimit documentation
• 6addf8c [Fix] parse: mark overflow objects for indexed notation exceeding arrayLimit
• cfc108f [Fix] arrayLimit means max count, not max index, in combine/merge/`pars...
• febb644 [Fix] parse: throw on arrayLimit exceeded with indexed notation when `thr...
• f6a7abf [Fix] parse: enforce arrayLimit on comma-parsed values
• fbc5206 [Fix] parse: fix error message to reflect arrayLimit as max index; remove e...
• 1b9a8b4 [actions] fix rebase workflow permissions
• 2a35775 [meta] fix changelog typo (arrayLength → arrayLimit)
• Additional commits viewable in compare view

Updates form-data from 2.3.3 to 4.0.5

Release notes

Sourced from form-data's releases.

v4.0.4

v4.0.4 - 2025-07-16

Commits

• [meta] add auto-changelog 811f682
• [Tests] handle predict-v8-randomness failures in node < 17 and node > 23 1d11a76
• [Fix] Switch to using crypto random for boundary values 3d17230
• [Tests] fix linting errors 5e34080
• [meta] actually ensure the readme backup isn’t published 316c82b
• [Dev Deps] update @ljharb/eslint-config 58c25d7
• [meta] fix readme capitalization 2300ca1

v4.0.3

v4.0.3 - 2025-06-05

Fixed

• [Fix] append: avoid a crash on nullish values [#577](https://github.com/form-data/form-data/issues/577)

Commits

• [eslint] use a shared config 426ba9a
• [eslint] fix some spacing issues 2094191
• [Refactor] use hasown 81ab41b
• [Fix] validate boundary type in setBoundary() method 8d8e469
• [Tests] add tests to check the behavior of getBoundary with non-strings 837b8a1
• [Dev Deps] remove unused deps 870e4e6
• [meta] remove local commit hooks e6e83cc
• [Dev Deps] update eslint 4066fd6
• [meta] fix scripts to use prepublishOnly c4bbb13

v4.0.2

v4.0.2 - 2025-02-14

Merged

• [Fix] set Symbol.toStringTag when available [#573](https://github.com/form-data/form-data/issues/573)
• [Fix] set Symbol.toStringTag when available [#573](https://github.com/form-data/form-data/issues/573)
• fix (npmignore): ignore temporary build files [#532](https://github.com/form-data/form-data/issues/532)
• fix (npmignore): ignore temporary build files [#532](https://github.com/form-data/form-data/issues/532)

Fixed

• [Fix] set Symbol.toStringTag when available (#573) [#396](https://github.com/form-data/form-data/issues/396)
• [Fix] set Symbol.toStringTag when available (#573) [#396](https://github.com/form-data/form-data/issues/396)
• [Fix] set Symbol.toStringTag when available [#396](https://github.com/form-data/form-data/issues/396)

Commits

... (truncated)

Changelog

Sourced from form-data's changelog.

v4.0.5 - 2025-11-17

Commits

• [Tests] Switch to newer v8 prediction library; enable node 24 testing 16e0076
• [Dev Deps] update @ljharb/eslint-config, eslint 5822467
• [Fix] set Symbol.toStringTag in the proper place 76d0dee

v4.0.4 - 2025-07-16

Commits

• [meta] add auto-changelog 811f682
• [Tests] handle predict-v8-randomness failures in node < 17 and node > 23 1d11a76
• [Fix] Switch to using crypto random for boundary values 3d17230
• [Tests] fix linting errors 5e34080
• [meta] actually ensure the readme backup isn’t published 316c82b
• [Dev Deps] update @ljharb/eslint-config 58c25d7
• [meta] fix readme capitalization 2300ca1

v4.0.3 - 2025-06-05

Fixed

• [Fix] append: avoid a crash on nullish values [#577](https://github.com/form-data/form-data/issues/577)

Commits

• [eslint] use a shared config 426ba9a
• [eslint] fix some spacing issues 2094191
• [Refactor] use hasown 81ab41b
• [Fix] validate boundary type in setBoundary() method 8d8e469
• [Tests] add tests to check the behavior of getBoundary with non-strings 837b8a1
• [Dev Deps] remove unused deps 870e4e6
• [meta] remove local commit hooks e6e83cc
• [Dev Deps] update eslint 4066fd6
• [meta] fix scripts to use prepublishOnly c4bbb13

v4.0.2 - 2025-02-14

Merged

• [Fix] set Symbol.toStringTag when available [#573](https://github.com/form-data/form-data/issues/573)
• [Fix] set Symbol.toStringTag when available [#573](https://github.com/form-data/form-data/issues/573)
• fix (npmignore): ignore temporary build files [#532](https://github.com/form-data/form-data/issues/532)
• fix (npmignore): ignore temporary build files [#532](https://github.com/form-data/form-data/issues/532)

Fixed

• [Fix] set Symbol.toStringTag when available (#573) [#396](https://github.com/form-data/form-data/issues/396)

... (truncated)

Commits

• See full diff in compare view

Maintainer changes

This version was pushed to npm by ljharb, a new releaser for form-data since your current version.

Install script changes

This version modifies prepublish script that runs during installation. Review the package contents before updating.

Updates lodash from 4.17.21 to 4.17.23

Commits

• dec55b7 Bump main to v4.17.23 (#6088)
• 19c9251 fix: setCacheHas JSDoc return type should be boolean (#6071)
• b5e6729 jsdoc: Add -0 and BigInt zeros to _.compact falsey values list (#6062)
• edadd45 Prevent prototype pollution on baseUnset function
• 4879a7a<...

  Description has been truncated

[github-actions]

✅⚠️MegaLinter analysis: Success with warnings

Descriptor	Linter	Files	Fixed	Errors	Warnings	Elapsed time
✅ ACTION	actionlint	14		0	0	0.24s
✅ BASH	bash-exec	7		0	0	0.04s
✅ BASH	shellcheck	4		0	0	0.17s
⚠️ BASH	shfmt	7		1	0	0.01s
✅ CSHARP	csharpier	3		0	0	2.72s
⚠️ CSHARP	roslynator	1		1	0	10.98s
✅ CSS	stylelint	1		0	0	2.23s
✅ DOCKERFILE	hadolint	5		0	0	0.18s
✅ EDITORCONFIG	editorconfig-checker	435		0	0	1.94s
✅ ENV	dotenv-linter	1		0	0	0.01s
⚠️ GROOVY	npm-groovy-lint	8		0	20	25.49s
✅ HTML	djlint	2		0	0	2.17s
✅ HTML	htmlhint	2		0	0	0.27s
⚠️ JAVA	checkstyle	64		0	90	11.84s
✅ JSON	jsonlint	53		0	0	0.4s
✅ JSON	prettier	53		0	0	5.85s
✅ JSON	v8r	53		0	0	38.44s
⚠️ MARKDOWN	markdownlint	23		273	0	2.15s
✅ PYTHON	bandit	1		0	0	2.54s
✅ PYTHON	black	1		0	0	1.2s
✅ PYTHON	flake8	1		0	0	1.13s
✅ PYTHON	isort	1		0	0	0.52s
✅ PYTHON	mypy	1		0	0	9.92s
✅ PYTHON	ruff	1		0	0	0.05s
✅ REPOSITORY	checkov	yes		no	no	43.48s
✅ REPOSITORY	gitleaks	yes		no	no	6.41s
✅ REPOSITORY	git_diff	yes		no	no	0.44s
⚠️ REPOSITORY	kics	yes		no	109	52.35s
✅ REPOSITORY	secretlint	yes		no	no	3.14s
✅ REPOSITORY	syft	yes		no	no	18.95s
⚠️ REPOSITORY	trivy	yes		17	no	22.82s
✅ REPOSITORY	trivy-sbom	yes		no	no	6.0s
✅ REPOSITORY	trufflehog	yes		no	no	9.18s
✅ XML	xmllint	4		0	0	1.16s
✅ YAML	prettier	118		0	0	3.19s

Detailed Issues

⚠️ JAVA / checkstyle - 90 warnings

warning: First sentence of Javadoc is missing an ending period.

warning: First sentence of Javadoc is missing an ending period.

warning: Missing a Javadoc comment.

warning: Missing a Javadoc comment.

warning: Missing a Javadoc comment.

warning: Missing a Javadoc comment.

warning: Missing a Javadoc comment.

warning: Missing a Javadoc comment.

warning: Missing a Javadoc comment.

warning: Missing a Javadoc comment.

warning: Missing a Javadoc comment.

warning: Missing a Javadoc comment.

warning: Missing a Javadoc comment.

warning: Missing a Javadoc comment.

warning: Missing a Javadoc comment.

warning: Missing a Javadoc comment.

warning: Missing a Javadoc comment.

warning: Missing a Javadoc comment.

warning: Missing a Javadoc comment.

warning: Missing a Javadoc comment.

warning: Missing a Javadoc comment.

warning: Missing a Javadoc comment.

warning: Missing a Javadoc comment.

warning: Missing a Javadoc comment.

warning: Missing a Javadoc comment.

warning: Missing a Javadoc comment.

warning: Missing a Javadoc comment.

warning: Missing a Javadoc comment.

warning: Missing a Javadoc comment.

warning: Missing a Javadoc comment.

warning: Missing a Javadoc comment.

warning: Missing a Javadoc comment.

warning: Missing a Javadoc comment.

warning: Missing a Javadoc comment.

warning: Line is longer than 100 characters (found 103).

warning: Missing a Javadoc comment.

warning: Missing a Javadoc comment.

warning: Missing a Javadoc comment.

warning: Missing a Javadoc comment.

warning: Missing a Javadoc comment.

warning: Missing a Javadoc comment.

warning: Missing a Javadoc comment.

warning: Missing a Javadoc comment.

warning: Missing a Javadoc comment.

warning: Missing a Javadoc comment.

warning: Missing a Javadoc comment.

warning: Missing a Javadoc comment.

warning: Missing a Javadoc comment.

warning: Missing a Javadoc comment.

warning: First sentence of Javadoc is missing an ending period.

warning: Missing a Javadoc comment.

warning: Missing a Javadoc comment.

warning: Missing a Javadoc comment.

warning: Missing a Javadoc comment.

warning: Missing a Javadoc comment.

warning: Missing a Javadoc comment.

warning: Missing a Javadoc comment.

warning: Missing a Javadoc comment.

warning: Missing a Javadoc comment.

warning: Missing a Javadoc comment.

warning: Missing a Javadoc comment.

warning: Missing a Javadoc comment.

warning: Missing a Javadoc comment.

warning: Missing a Javadoc comment.

warning: Missing a Javadoc comment.

warning: Missing a Javadoc comment.

warning: Missing a Javadoc comment.

warning: Missing a Javadoc comment.

warning: Line is longer than 100 characters (found 107).

warning: Missing a Javadoc comment.

warning: Missing a Javadoc comment.

warning: Missing a Javadoc comment.

warning: Missing a Javadoc comment.

warning: First sentence of Javadoc is missing an ending period.

warning: Line is longer than 100 characters (found 115).

warning: Missing a Javadoc comment.

warning: Missing a Javadoc comment.

warning: Missing a Javadoc comment.

warning: Missing a Javadoc comment.

warning: Line is longer than 100 characters (found 220).

warning: Line is longer than 100 characters (found 104).

warning: Line is longer than 100 characters (found 117).

warning: Line is longer than 100 characters (found 154).

warning: Line is longer than 100 characters (found 111).

warning: Line is longer than 100 characters (found 128).

warning: Line is longer than 100 characters (found 142).

warning: Missing a Javadoc comment.

warning: Line is longer than 100 characters (found 104).

warning: Line is longer than 100 characters (found 132).

warning: Line is longer than 100 characters (found 141).

warning: 90 warnings emitted

⚠️ REPOSITORY / kics - 109 warnings

warning: Docker compose file doesn't have 'cap_drop' attribute. Make sure your container only has necessary capabilities.
   ┌─ src/list/frontend/deploy/docker-compose.dev.yml:36:1
   │
36 │   keycloak:
   │ ^^^^^^^^^^^
   │
   = Container Capabilities Unrestricted
   = Some capabilities are not needed in certain (or any) containers. Make sure that you only add capabilities that your container needs. Drop unnecessary capabilities as well.

warning: Docker compose file doesn't have 'cap_drop' attribute. Make sure your container only has necessary capabilities.
   ┌─ src/notify/tests/e2e/docker-compose.yaml:26:1
   │
26 │   jobstore-db:
   │ ^^^^^^^^^^^^^^
   │
   = Container Capabilities Unrestricted
   = Some capabilities are not needed in certain (or any) containers. Make sure that you only add capabilities that your container needs. Drop unnecessary capabilities as well.

warning: Docker compose file doesn't have 'cap_drop' attribute. Make sure your container only has necessary capabilities.
    ┌─ docker-compose/docker-compose.staging.yaml:220:1
    │
220 │   query:
    │ ^^^^^^^^
    │
    = Container Capabilities Unrestricted
    = Some capabilities are not needed in certain (or any) containers. Make sure that you only add capabilities that your container needs. Drop unnecessary capabilities as well.

warning: Docker compose file doesn't have 'cap_drop' attribute. Make sure your container only has necessary capabilities.
   ┌─ src/notify/tests/e2e/docker-compose.yaml:47:1
   │
47 │   fhir:
   │ ^^^^^^^
   │
   = Container Capabilities Unrestricted
   = Some capabilities are not needed in certain (or any) containers. Make sure that you only add capabilities that your container needs. Drop unnecessary capabilities as well.

warning: Docker compose file doesn't have 'cap_drop' attribute. Make sure your container only has necessary capabilities.
   ┌─ src/query/tests/e2e/docker-compose.yaml:45:1
   │
45 │   broadsea-atlasdb:
   │ ^^^^^^^^^^^^^^^^^^^
   │
   = Container Capabilities Unrestricted
   = Some capabilities are not needed in certain (or any) containers. Make sure that you only add capabilities that your container needs. Drop unnecessary capabilities as well.

warning: Docker compose file doesn't have 'cap_drop' attribute. Make sure your container only has necessary capabilities.
   ┌─ src/query/tests/e2e/docker-compose.yaml:35:1
   │
35 │   fhir:
   │ ^^^^^^^
   │
   = Container Capabilities Unrestricted
   = Some capabilities are not needed in certain (or any) containers. Make sure that you only add capabilities that your container needs. Drop unnecessary capabilities as well.

warning: Docker compose file doesn't have 'cap_drop' attribute. Make sure your container only has necessary capabilities.
  ┌─ src/list/frontend/deploy/docker-compose.dev.yml:2:1
  │
2 │   fhir:
  │ ^^^^^^^
  │
  = Container Capabilities Unrestricted
  = Some capabilities are not needed in certain (or any) containers. Make sure that you only add capabilities that your container needs. Drop unnecessary capabilities as well.

warning: Docker compose file doesn't have 'cap_drop' attribute. Make sure your container only has necessary capabilities.
   ┌─ src/list/frontend/deploy/docker-compose.dev.yml:14:1
   │
14 │   loader:
   │ ^^^^^^^^^
   │
   = Container Capabilities Unrestricted
   = Some capabilities are not needed in certain (or any) containers. Make sure that you only add capabilities that your container needs. Drop unnecessary capabilities as well.

warning: Docker compose file doesn't have 'cap_drop' attribute. Make sure your container only has necessary capabilities.
  ┌─ src/notify/tests/e2e/docker-compose.yaml:4:1
  │
4 │   notify:
  │ ^^^^^^^^^
  │
  = Container Capabilities Unrestricted
  = Some capabilities are not needed in certain (or any) containers. Make sure that you only add capabilities that your container needs. Drop unnecessary capabilities as well.

warning: Docker compose file doesn't have 'cap_drop' attribute. Make sure your container only has necessary capabilities.
   ┌─ src/list/frontend/tests/e2e/docker-compose.yaml:44:1
   │
44 │   loader:
   │ ^^^^^^^^^
   │
   = Container Capabilities Unrestricted
   = Some capabilities are not needed in certain (or any) containers. Make sure that you only add capabilities that your container needs. Drop unnecessary capabilities as well.

warning: Docker compose file doesn't have 'cap_drop' attribute. Make sure your container only has necessary capabilities.
    ┌─ docker-compose/docker-compose.staging.yaml:142:1
    │
142 │   fhir-db:
    │ ^^^^^^^^^^
    │
    = Container Capabilities Unrestricted
    = Some capabilities are not needed in certain (or any) containers. Make sure that you only add capabilities that your container needs. Drop unnecessary capabilities as well.

warning: Docker compose file doesn't have 'cap_drop' attribute. Make sure your container only has necessary capabilities.
   ┌─ src/notify/tests/e2e/docker-compose.yaml:33:1
   │
33 │   tester:
   │ ^^^^^^^^^
   │
   = Container Capabilities Unrestricted
   = Some capabilities are not needed in certain (or any) containers. Make sure that you only add capabilities that your container needs. Drop unnecessary capabilities as well.

warning: Docker compose file doesn't have 'cap_drop' attribute. Make sure your container only has necessary capabilities.
   ┌─ src/list/frontend/tests/e2e/docker-compose.yaml:36:1
   │
36 │   fhir:
   │ ^^^^^^^
   │
   = Container Capabilities Unrestricted
   = Some capabilities are not needed in certain (or any) containers. Make sure that you only add capabilities that your container needs. Drop unnecessary capabilities as well.

warning: Docker compose file d

(Truncated to 5714 characters out of 33943)

⚠️ MARKDOWN / markdownlint - 273 errors

CHANGELOG.md:5 MD012/no-multiple-blanks Multiple consecutive blank lines [Expected: 1; Actual: 2]
CHANGELOG.md:9:121 MD013/line-length Line length [Expected: 120; Actual: 232]
CHANGELOG.md:10:121 MD013/line-length Line length [Expected: 120; Actual: 220]
CHANGELOG.md:13 MD012/no-multiple-blanks Multiple consecutive blank lines [Expected: 1; Actual: 2]
CHANGELOG.md:24 MD012/no-multiple-blanks Multiple consecutive blank lines [Expected: 1; Actual: 2]
CHANGELOG.md:25 MD024/no-duplicate-heading Multiple headings with the same content [Context: "Bug Fixes"]
CHANGELOG.md:30 MD012/no-multiple-blanks Multiple consecutive blank lines [Expected: 1; Actual: 2]
CHANGELOG.md:31 MD024/no-duplicate-heading Multiple headings with the same content [Context: "Miscellaneous Chores"]
CHANGELOG.md:45 MD012/no-multiple-blanks Multiple consecutive blank lines [Expected: 1; Actual: 2]
CHANGELOG.md:52 MD012/no-multiple-blanks Multiple consecutive blank lines [Expected: 1; Actual: 2]
CHANGELOG.md:53 MD024/no-duplicate-heading Multiple headings with the same content [Context: "Bug Fixes"]
CHANGELOG.md:56:121 MD013/line-length Line length [Expected: 120; Actual: 220]
CHANGELOG.md:59 MD012/no-multiple-blanks Multiple consecutive blank lines [Expected: 1; Actual: 2]
CHANGELOG.md:60 MD024/no-duplicate-heading Multiple headings with the same content [Context: "Miscellaneous Chores"]
CHANGELOG.md:66:121 MD013/line-length Line length [Expected: 120; Actual: 241]
CHANGELOG.md:73 MD012/no-multiple-blanks Multiple consecutive blank lines [Expected: 1; Actual: 2]
CHANGELOG.md:74 MD024/no-duplicate-heading Multiple headings with the same content [Context: "Bug Fixes"]
CHANGELOG.md:81:121 MD013/line-length Line length [Expected: 120; Actual: 220]
CHANGELOG.md:86 MD012/no-multiple-blanks Multiple consecutive blank lines [Expected: 1; Actual: 2]
CHANGELOG.md:91 MD012/no-multiple-blanks Multiple consecutive blank lines [Expected: 1; Actual: 2]
CHANGELOG.md:92 MD024/no-duplicate-heading Multiple headings with the same content [Context: "Miscellaneous Chores"]
CHANGELOG.md:105:121 MD013/line-length Line length [Expected: 120; Actual: 229]
CHANGELOG.md:106:121 MD013/line-length Line length [Expected: 120; Actual: 228]
CHANGELOG.md:109:121 MD013/line-length Line length [Expected: 120; Actual: 237]
CHANGELOG.md:122 MD012/no-multiple-blanks Multiple consecutive blank lines [Expected: 1; Actual: 2]
CHANGELOG.md:125:121 MD013/line-length Line length [Expected: 120; Actual: 224]
CHANGELOG.md:127 MD012/no-multiple-blanks Multiple consecutive blank lines [Expected: 1; Actual: 2]
CHANGELOG.md:128 MD024/no-duplicate-heading Multiple headings with the same content [Context: "Bug Fixes"]
CHANGELOG.md:132 MD012/no-multiple-blanks Multiple consecutive blank lines [Expected: 1; Actual: 2]
CHANGELOG.md:133 MD024/no-duplicate-heading Multiple headings with the same content [Context: "Miscellaneous Chores"]
CHANGELOG.md:139 MD012/no-multiple-blanks Multiple consecutive blank lines [Expected: 1; Actual: 2]
CHANGELOG.md:140 MD024/no-duplicate-heading Multiple headings with the same content [Context: "Features"]
CHANGELOG.md:144 MD012/no-multiple-blanks Multiple consecutive blank lines [Expected: 1; Actual: 2]
CHANGELOG.md:145 MD024/no-duplicate-heading Multiple headings with the same content [Context: "Miscellaneous Chores"]
CHANGELOG.md:151 MD012/no-multiple-blanks Multiple consecutive blank lines [Expected: 1; Actual: 2]
CHANGELOG.md:152 MD024/no-duplicate-heading Multiple headings with the same content [Context: "Bug Fixes"]
CHANGELOG.md:158 MD012/no-multiple-blanks Multiple consecutive blank lines [Expected: 1; Actual: 2]
CHANGELOG.md:159 MD024/no-duplicate-heading Multiple headings with the same content [Context: "Features"]
CHANGELOG.md:163 MD012/no-multiple-blanks Multiple consecutive blank lines [Expected: 1; Actual: 2]
CHANGELOG.md:164 MD024/no-duplicate-heading Multiple headings with the same content [Context: "Bug Fixes"]
CHANGELOG.md:167:121 MD013/line-length Line length [Expected: 120; Actual: 219]
CHANGELOG.md:168:121 MD013/line-length Line length [Expected: 120; Actual: 221]
CHANGELOG.md:169:121 MD013/line-length Line length [Expected: 120; Actual: 228]
CHANGELOG.md:170:121 MD013/line-length Line length [Expected: 120; Actual: 220]
CHANGELOG.md:171:121 MD013/line-length Line length [Expected: 120; Actual: 232]
CHANGELOG.md:177:121 MD013/line-length Line length [Expected: 120; Actual: 233]
CHANGELOG.md:180 MD012/no-multiple-blanks Multiple consecutive blank lines [Expected: 1; Actual: 2]
CHANGELOG.md:181 MD024/no-duplicate-heading Multiple headings with the same content [Context: "Documentation"]
CHANGELOG.md:185 MD012/no-multiple-blanks Multiple consecutive blank lines [Expected: 1; Actual: 2]
CHANGELOG.md:186 MD024/no-duplicate-heading Multiple headings with the same content [Context: "Miscellaneous Chores"]
CHANGELOG.md:207:121 MD013/line-length Line length [Expected: 120; Actual: 228]
CHANGELOG.md:209:121 MD013/line-length Line length [Expected: 120; Actual: 230]
CHANGELOG.md:211:121 MD013/line-length Line length [Expected: 120; Actual: 232]
CHANGELOG.md:212:121 MD013/line-length Line length [Expected: 120; Actual: 232]
CHANGELOG.md:213:121 MD013/line-length Line length [Expected: 120; Actual: 234]
CHANGELOG.md:215:121 MD013/line-length Line length [Expected: 120; Actual: 237]
CHANGELOG.md:216:121 MD013/line-length Line length [Expected: 120; Actual: 237]
CHANGELOG.md:217:121 MD013/line-length Line length [Expected: 120; Actual: 237]
CHANGELOG.md:218:121 MD013/line-length Line length [Expected: 120; Actual: 239]
CHANGELOG.md:219:121 MD013/line-length Line length [Expected: 120; Actual: 239]
CHANGELOG.md:220:121 MD013/line-length Line length [Expected: 12

(Truncated to 5714 characters out of 26039)

⚠️ GROOVY / npm-groovy-lint - 20 warnings

note: Class should be marked with one of @GrailsCompileStatic, @CompileStatic or @CompileDynamic
 = Check that classes are explicitely annotated with either @GrailsCompileStatic, @CompileStatic or @CompileDynamic

note: Class should be marked with one of @GrailsCompileStatic, @CompileStatic or @CompileDynamic
 = Check that classes are explicitely annotated with either @GrailsCompileStatic, @CompileStatic or @CompileDynamic

note: The String 'spring-boot-loader' can be wrapped in single quotes instead of double quotes
   ┌─ src/buildSrc/src/main/groovy/org.miracum.recruit.java-application-conventions.gradle:71:24
   │
71 │             intoLayer("spring-boot-loader") {
   │                        ^^^^^^^^^^^^^^^^^^
   │
   = String objects should be created with single quotes, and GString objects created with double quotes. Creating normal String objects with double quotes is confusing to readers.

note: The String 'org/springframework/boot/loader/**' can be wrapped in single quotes instead of double quotes
   ┌─ src/buildSrc/src/main/groovy/org.miracum.recruit.java-application-conventions.gradle:72:26
   │
72 │                 include("org/springframework/boot/loader/**")
   │                          ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
   │
   = String objects should be created with single quotes, and GString objects created with double quotes. Creating normal String objects with double quotes is confusing to readers.

note: The String 'application' can be wrapped in single quotes instead of double quotes
   ┌─ src/buildSrc/src/main/groovy/org.miracum.recruit.java-application-conventions.gradle:74:24
   │
74 │             intoLayer("application")
   │                        ^^^^^^^^^^^
   │
   = String objects should be created with single quotes, and GString objects created with double quotes. Creating normal String objects with double quotes is confusing to readers.

note: The String 'module-dependencies' can be wrapped in single quotes instead of double quotes
   ┌─ src/buildSrc/src/main/groovy/org.miracum.recruit.java-application-conventions.gradle:77:24
   │
77 │             intoLayer("module-dependencies") {
   │                        ^^^^^^^^^^^^^^^^^^^
   │
   = String objects should be created with single quotes, and GString objects created with double quotes. Creating normal String objects with double quotes is confusing to readers.

note: The String 'org.miracum:*:*' can be wrapped in single quotes instead of double quotes
   ┌─ src/buildSrc/src/main/groovy/org.miracum.recruit.java-application-conventions.gradle:78:26
   │
78 │                 include("org.miracum:*:*")
   │                          ^^^^^^^^^^^^^^^
   │
   = String objects should be created with single quotes, and GString objects created with double quotes. Creating normal String objects with double quotes is confusing to readers.

note: The String 'dependencies' can be wrapped in single quotes instead of double quotes
   ┌─ src/buildSrc/src/main/groovy/org.miracum.recruit.java-application-conventions.gradle:80:24
   │
80 │             intoLayer("dependencies")
   │                        ^^^^^^^^^^^^
   │
   = String objects should be created with single quotes, and GString objects created with double quotes. Creating normal String objects with double quotes is confusing to readers.

note: The String 'dependencies' can be wrapped in single quotes instead of double quotes
   ┌─ src/buildSrc/src/main/groovy/org.miracum.recruit.java-application-conventions.gradle:82:25
   │
82 │         layerOrder = [ "dependencies", "spring-boot-loader", "module-dependencies", "application" ]
   │                         ^^^^^^^^^^^^
   │
   = String objects should be created with single quotes, and GString objects created with double quotes. Creating normal String objects with double quotes is confusing to readers.

note: The String 'spring-boot-loader' can be wrapped in single quotes instead of double quotes
   ┌─ src/buildSrc/src/main/groovy/org.miracum.recruit.java-application-conventions.gradle:82:41
   │
82 │         layerOrder = [ "dependencies", "spring-boot-loader", "module-dependencies", "application" ]
   │                                         ^^^^^^^^^^^^^^^^^^
   │
   = String objects should be created with single quotes, and GString objects created with double quotes. Creating normal String objects with double quotes is confusing to readers.

note: The String 'module-dependencies' can be wrapped in single quotes instead of double quotes
   ┌─ src/buildSrc/src/main/groovy/org.miracum.recruit.java-application-conventions.gradle:82:63
   │
82 │         layerOrder = [ "dependencies", "spring-boot-loader", "module-dependencies", "application" ]
   │                                                               ^^^^^^^^^^^^^^^^^^^
   │
   = String objects should be created with single quotes, and GString objects created with double quotes. Creating normal String objects with double quotes is confusing to readers.

note: The String 'application' can be wrapped in single quotes instead of double quotes
   ┌─ src/buildSrc/src/main/groovy/org.miracum.recruit.java-application-conventions.gradle:82:86
   │
82 │         layerOrder = [ "dependencies", "spring-boot-loader", "module-dependencies", "application" ]
   │                                                                                      ^^^^^^^^^^^
   │
   = String objects should be created with single quotes, and GString objects created with double quotes. Creating normal String objects with double quotes is confusing to readers.

note: Class should be marked with one of @GrailsCompileStatic, @CompileStatic or @CompileDynamic
 = Check that classes are explicitely annotated with ei

(Truncated to 5714 characters out of 7255)

⚠️ CSHARP / roslynator - 1 error

Results of roslynator linter (version 0.11.0.0)
See documentation on https://megalinter.io/9.2.0/descriptors/csharp_roslynator/
-----------------------------------------------

❌ [ERROR] tests/chaos/tester/tester.csproj
    Loading project 'tests/chaos/tester/tester.csproj'...
    Analyze 'tester'
      Program.cs(50,32): error CS0103: The name 'TimeSpan' does not exist in the current context
      Program.cs(108,5): error CS0103: The name 'Console' does not exist in the current context
      Program.cs(115,28): error CS0103: The name 'File' does not exist in the current context
      Program.cs(117,9): error CS0103: The name 'JsonSerializer' does not exist in the current context
      Program.cs(125,9): error CS0103: The name 'Console' does not exist in the current context
      Program.cs(127,22): error CS0103: The name 'Policy' does not exist in the current context
      Program.cs(140,9): error CS0103: The name 'Console' does not exist in the current context
      Program.cs(141,15): error CS0103: The name 'System' does not exist in the current context
      Program.cs(141,49): error CS0103: The name 'TimeSpan' does not exist in the current context
      Program.cs(147,5): error CS0103: The name 'Console' does not exist in the current context
      Program.cs(155,5): error CS0103: The name 'Console' does not exist in the current context
      Program.cs(160,5): error CS0103: The name 'Console' does not exist in the current context
      Program.cs(169,5): error CS0103: The name 'Console' does not exist in the current context
      Program.cs(184,13): error CS0103: The name 'Console' does not exist in the current context
      Program.cs(192,19): error CS0103: The name 'System' does not exist in the current context
      Program.cs(192,53): error CS0103: The name 'TimeSpan' does not exist in the current context
      Program.cs(196,9): error CS0103: The name 'Console' does not exist in the current context
      Program.cs(202,13): error CS0103: The name 'Console' does not exist in the current context
      Program.cs(213,15): error CS0103: The name 'System' does not exist in the current context
      Program.cs(213,49): error CS0103: The name 'TimeSpan' does not exist in the current context
      Program.cs(101,42): error CS0161: 'RunTest(FileInfo, Uri, TimeSpan, int)': not all code paths return a value
      Program.cs(145,42): error CS0161: 'RunDeleteMessages(Uri)': not all code paths return a value
      Program.cs(163,42): error CS0161: 'RunAssert(Uri, int, int)': not all code paths return a value
      Program.cs(1,7): error CS0246: The type or namespace name 'System' could not be found (are you missing a using directive or an assembly reference?)
      Program.cs(2,7): error CS0246: The type or namespace name 'System' could not be found (are you missing a using directive or an assembly reference?)
      Program.cs(3,7): error CS0246: The type or namespace name 'System' could not be found (are you missing a using directive or an assembly reference?)
      Program.cs(4,7): error CS0246: The type or namespace name 'Hl7' could not be found (are you missing a using directive or an assembly reference?)
      Program.cs(5,7): error CS0246: The type or namespace name 'Hl7' could not be found (are you missing a using directive or an assembly reference?)
      Program.cs(6,7): error CS0246: The type or namespace name 'Hl7' could not be found (are you missing a using directive or an assembly reference?)
      Program.cs(7,7): error CS0246: The type or namespace name 'Polly' could not be found (are you missing a using directive or an assembly reference?)
      Program.cs(9,23): error CS0246: The type or namespace name 'RootCommand' could not be found (are you missing a using directive or an assembly reference?)
      Program.cs(11,35): error CS0246: The type or namespace name 'Option<>' could not be found (are you missing a using directive or an assembly reference?)
      Program.cs(11,42): error CS0246: The type or namespace name 'Uri' could not be found (are you missing a using directive or an assembly reference?)
      Program.cs(18,33): error CS0246: The type or namespace name 'Command' could not be found (are you missing a using directive or an assembly reference?)
      Program.cs(26,22): error CS0246: The type or namespace name 'Option<>' could not be found (are you missing a using directive or an assembly reference?)
      Program.cs(26,29): error CS0246: The type or namespace name 'FileInfo' could not be found (are you missing a using directive or an assembly reference?)
      Program.cs(34,27): error CS0246: The type or namespace name 'Option<>' could not be found (are you missing a using directive or an assembly reference?)
      Program.cs(40,31): error CS0246: The type or namespace name 'Option<>' could not be found (are you missing a using directive or an assembly reference?)
      Program.cs(40,38): error CS0246: The type or namespace name 'Uri' could not be found (are you missing a using directive or an assembly reference?)
      Program.cs(44,41): error CS0246: The type or namespace name 'Uri' could not be found (are you missing a using directive or an assembly reference?)
      Program.cs(46,26): error CS0246: The type or namespace name 'Option<>' could not be found (are you missing a using directive or an assembly reference?)
      Program.cs(46,33): error CS0246: The type or namespace name 'TimeSpan' could not be found (are you missing a using directive or an assembly reference?)
      Program.cs(52,23): error CS0246: The type or namespace name 'Command' could not be found (are you missing a using directive or an assembly reference?)
      Program.cs(73,38): error CS0246: The type or namesp

(Truncated to 5714 characters out of 26578)

⚠️ BASH / shfmt - 1 error

diff src/gradlew.orig src/gradlew
--- src/gradlew.orig
+++ src/gradlew
@@ -71,15 +71,15 @@
 
 # Need this for daisy-chained symlinks.
 while
-    APP_HOME=${app_path%"${app_path##*/}"}  # leaves a trailing /; empty if no leading path
-    [ -h "$app_path" ]
+  APP_HOME=${app_path%"${app_path##*/}"} # leaves a trailing /; empty if no leading path
+  [ -h "$app_path" ]
 do
-    ls=$( ls -ld "$app_path" )
-    link=${ls#*' -> '}
-    case $link in             #(
-      /*)   app_path=$link ;; #(
-      *)    app_path=$APP_HOME$link ;;
-    esac
+  ls=$(ls -ld "$app_path")
+  link=${ls#*' -> '}
+  case $link in         #(
+  /*) app_path=$link ;; #(
+  *) app_path=$APP_HOME$link ;;
+  esac
 done
 
 # This is normally unused
@@ -86,20 +86,20 @@
 # shellcheck disable=SC2034
 APP_BASE_NAME=${0##*/}
 # Discard cd standard output in case $CDPATH is set (https://github.com/gradle/gradle/issues/25036)
-APP_HOME=$( cd -P "${APP_HOME:-./}" > /dev/null && printf '%s\n' "$PWD" ) || exit
+APP_HOME=$(cd -P "${APP_HOME:-./}" >/dev/null && printf '%s\n' "$PWD") || exit
 
 # Use the maximum available, or set MAX_FD != -1 to use that value.
 MAX_FD=maximum
 
-warn () {
-    echo "$*"
-} >&2
-
-die () {
-    echo
-    echo "$*"
-    echo
-    exit 1
+warn() {
+  echo "$*"
+} >&2
+
+die() {
+  echo
+  echo "$*"
+  echo
+  exit 1
 } >&2
 
 # OS specific support (must be 'true' or 'false').
@@ -107,57 +107,56 @@
 msys=false
 darwin=false
 nonstop=false
-case "$( uname )" in                #(
-  CYGWIN* )         cygwin=true  ;; #(
-  Darwin* )         darwin=true  ;; #(
-  MSYS* | MINGW* )  msys=true    ;; #(
-  NONSTOP* )        nonstop=true ;;
+case "$(uname)" in           #(
+CYGWIN*) cygwin=true ;;      #(
+Darwin*) darwin=true ;;      #(
+MSYS* | MINGW*) msys=true ;; #(
+NONSTOP*) nonstop=true ;;
 esac
 
-
-
 # Determine the Java command to use to start the JVM.
-if [ -n "$JAVA_HOME" ] ; then
-    if [ -x "$JAVA_HOME/jre/sh/java" ] ; then
-        # IBM's JDK on AIX uses strange locations for the executables
-        JAVACMD=$JAVA_HOME/jre/sh/java
-    else
-        JAVACMD=$JAVA_HOME/bin/java
-    fi
-    if [ ! -x "$JAVACMD" ] ; then
-        die "ERROR: JAVA_HOME is set to an invalid directory: $JAVA_HOME
-
-Please set the JAVA_HOME variable in your environment to match the
-location of your Java installation."
-    fi
+if [ -n "$JAVA_HOME" ]; then
+  if [ -x "$JAVA_HOME/jre/sh/java" ]; then
+    # IBM's JDK on AIX uses strange locations for the executables
+    JAVACMD=$JAVA_HOME/jre/sh/java
+  else
+    JAVACMD=$JAVA_HOME/bin/java
+  fi
+  if [ ! -x "$JAVACMD" ]; then
+    die "ERROR: JAVA_HOME is set to an invalid directory: $JAVA_HOME
+
+Please set the JAVA_HOME variable in your environment to match the
+location of your Java installation."
+  fi
 else
-    JAVACMD=java
-    if ! command -v java >/dev/null 2>&1
-    then
-        die "ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH.
-
-Please set the JAVA_HOME variable in your environment to match the
-location of your Java installation."
-    fi
+  JAVACMD=java
+  if ! command -v java >/dev/null 2>&1; then
+    die "ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH.
+
+Please set the JAVA_HOME variable in your environment to match the
+location of your Java installation."
+  fi
 fi
 
 # Increase the maximum file descriptors if we can.
-if ! "$cygwin" && ! "$darwin" && ! "$nonstop" ; then
-    case $MAX_FD in #(
-      max*)
-        # In POSIX sh, ulimit -H is undefined. That's why the result is checked to see if it worked.
-        # shellcheck disable=SC2039,SC3045
-        MAX_FD=$( ulimit -H -n ) ||
-            warn "Could not query maximum file descriptor limit"
-    esac
-    case $MAX_FD in  #(
-      '' | soft) :;; #(
-      *)
-        # In POSIX sh, ulimit -n is undefined. That's why the result is checked to see if it worked.
-        # shellcheck disable=SC2039,SC3045
-        ulimit -n "$MAX_FD" ||
-            warn "Could not set maximum file descriptor limit to $MAX_FD"
-    esac
+if ! "$cygwin" && ! "$darwin" && ! "$nonstop"; then
+  case $MAX_FD in #(
+  max*)
+    # In POSIX sh, ulimit -H is undefined. That's why the result is checked to see if it worked.
+    # shellcheck disable=SC2039,SC3045
+    MAX_FD=$(ulimit -H -n) ||
+      warn "Could not query maximum file descriptor limit"
+    ;;
+  esac
+  case $MAX_FD in #(
+  '' | soft) : ;; #(
+  *)
+    # In POSIX sh, ulimit -n is undefined. That's why the result is checked to see if it worked.
+    # shellcheck disable=SC2039,SC3045
+    ulimit -n "$MAX_FD" ||
+      warn "Could not set maximum file descriptor limit to $MAX_FD"
+    ;;
+  esac
 fi
 
 # Collect all arguments for the java command, stacking in reverse order:
@@ -169,35 +168,36 @@
 #   * DEFAULT_JVM_OPTS, JAVA_OPTS, and GRADLE_OPTS environment variables.
 
 # For Cygwin or MSYS, switch paths to Windows format before running java
-if "$cygwin" || "$msys" ; then
-    APP_HOME=$( cygpath --path --mixed "$APP_HOME" )
-
-    JAVACMD=$( cygpath --unix "$JAVACMD" )
-
-    # Now convert the arguments - kludge to limit ourselves to /bin/sh
-    for arg do
-        if
-            case $arg in                                #(
-              -*)   false ;;                            # don't mess with options #(
-              /?*)  t=${arg#/} t=/${t%%/*}              # looks like a POSIX filepath
-                    [ -e "$t" ] ;;                      #(
-              *)    false ;;
-            esac
-        then
-            arg=$( cygpath --path --ignore --mixed "$arg" )
-        fi
-        # Roll the args list around exactly as many times as the number of
-        # args, so each arg

(Truncated to 5714 characters out of 8251)

⚠️ REPOSITORY / trivy - 17 errors

error: Package: braces
Installed Version: 2.3.2
Vulnerability CVE-2024-4068
Severity: HIGH
Fixed Version: 3.0.3
Link: [CVE-2024-4068](https://avd.aquasec.com/nvd/cve-2024-4068)
      ┌─ src/list/package-lock.json:20831:1
      │  
20831 │ ╭     "node_modules/jscodeshift/node_modules/braces": {
20832 │ │       "version": "2.3.2",
20833 │ │       "license": "MIT",
20834 │ │       "optional": true,
      · │
20850 │ │       }
20851 │ │     },
      │ ╰^
      │  
      = braces: fails to limit the number of characters it can handle
      = The NPM package `braces`, versions prior to 3.0.3, fails to limit the number of characters it can handle, which could lead to Memory Exhaustion. In `lib/parse.js,` if a malicious user sends "imbalanced braces" as input, the parsing will enter a loop, which will cause the program to start allocating heap memory without freeing it at any moment of the loop. Eventually, the JavaScript heap limit is reached, and the program will crash.

error: Package: cross-spawn
Installed Version: 6.0.5
Vulnerability CVE-2024-21538
Severity: HIGH
Fixed Version: 7.0.5, 6.0.6
Link: [CVE-2024-21538](https://avd.aquasec.com/nvd/cve-2024-21538)
      ┌─ src/list/package-lock.json:14085:1
      │  
14085 │ ╭     "node_modules/execa/node_modules/cross-spawn": {
14086 │ │       "version": "6.0.5",
14087 │ │       "devOptional": true,
14088 │ │       "license": "MIT",
      · │
14098 │ │       }
14099 │ │     },
      │ ╰^
      │  
      = cross-spawn: regular expression denial of service
      = Versions of the package cross-spawn before 6.0.6, from 7.0.0 and before 7.0.5 are vulnerable to Regular Expression Denial of Service (ReDoS) due to improper input sanitization. An attacker can increase the CPU usage and crash the program by crafting a very large and well crafted string.

error: Package: cross-spawn
Installed Version: 7.0.3
Vulnerability CVE-2024-21538
Severity: HIGH
Fixed Version: 7.0.5, 6.0.6
Link: [CVE-2024-21538](https://avd.aquasec.com/nvd/cve-2024-21538)
      ┌─ src/list/package-lock.json:11681:1
      │  
11681 │ ╭     "node_modules/cross-spawn": {
11682 │ │       "version": "7.0.3",
11683 │ │       "devOptional": true,
11684 │ │       "license": "MIT",
      · │
11692 │ │       }
11693 │ │     },
      │ ╰^
      │  
      = cross-spawn: regular expression denial of service
      = Versions of the package cross-spawn before 6.0.6, from 7.0.0 and before 7.0.5 are vulnerable to Regular Expression Denial of Service (ReDoS) due to improper input sanitization. An attacker can increase the CPU usage and crash the program by crafting a very large and well crafted string.

error: Package: fast-xml-parser
Installed Version: 4.2.7
Vulnerability CVE-2026-26278
Severity: HIGH
Fixed Version: 5.3.6
Link: [CVE-2026-26278](https://avd.aquasec.com/nvd/cve-2026-26278)
      ┌─ src/list/package-lock.json:14795:1
      │  
14795 │ ╭     "node_modules/fast-xml-parser": {
14796 │ │       "version": "4.2.7",
14797 │ │       "funding": [
14798 │ │         {
      · │
14815 │ │       }
14816 │ │     },
      │ ╰^
      │  
      = fast-xml-parser: fast-xml-parser: Denial of Service via unlimited XML entity expansion
      = fast-xml-parser allows users to validate XML, parse XML to JS object, or build XML from JS object without C/C++ based libraries and no callback. In versions 4.1.3 through 5.3.5, the XML parser can be forced to do an unlimited amount of entity expansion. With a very small XML input, it’s possible to make the parser spend seconds or even minutes processing a single request, effectively freezing the application. Version 5.3.6 fixes the issue. As a workaround, avoid using DOCTYPE parsing by `processEntities: false` option.

error: Package: jws
Installed Version: 3.2.2
Vulnerability CVE-2025-65945
Severity: HIGH
Fixed Version: 3.2.3, 4.0.1
Link: [CVE-2025-65945](https://avd.aquasec.com/nvd/cve-2025-65945)
      ┌─ src/list/package-lock.json:21324:1
      │  
21324 │ ╭     "node_modules/jws": {
21325 │ │       "version": "3.2.2",
21326 │ │       "license": "MIT",
21327 │ │       "dependencies": {
      · │
21330 │ │       }
21331 │ │     },
      │ ╰^
      │  
      = node-jws: auth0/node-jws: Improper signature verification in HS256 algorithm
      = auth0/node-jws is a JSON Web Signature implementation for Node.js. In versions 3.2.2 and earlier and version 4.0.0, auth0/node-jws has an improper signature verification vulnerability when using the HS256 algorithm under specific conditions. Applications are affected when they use the jws.createVerify() function for HMAC algorithms and use user-provided data from the JSON Web Signature protected header or payload in HMAC secret lookup routines, which can allow attackers to bypass signature verification. This issue has been patched in versions 3.2.3 and 4.0.1.

error: Package: minimatch
Installed Version: 3.1.2
Vulnerability CVE-2026-26996
Severity: HIGH
Fixed Version: 10.2.1
Link: [CVE-2026-26996](https://avd.aquasec.com/nvd/cve-2026-26996)
      ┌─ src/list/package-lock.json:23096:1
      │  
23096 │ ╭     "node_modules/minimatch": {
23097 │ │       "version": "3.1.2",
23098 │ │       "devOptional": true,
23099 │ │       "license": "ISC",
      · │
23105 │ │       }
23106 │ │     },
      │ ╰^
      │  
      = minimatch has a ReDoS via repeated wildcards with non-matching literal in pattern
      = minimatch is a minimal matching utility for converting glob expressions into JavaScript RegExp objects. Versions 10.2.0 and below are vulnerable to Regular Expression Denial of Service (ReDoS) when a glob pattern contains many consecutive * wildcards followed by a literal character that doesn't appear in the test string. Each * compiles to a separate 

(Truncated to 5714 characters out of 16374)

See detailed reports in MegaLinter artifacts

Your project could benefit from a custom flavor, which would allow you to run only the linters you need, and thus improve runtime performances. (Skip this info by defining FLAVOR_SUGGESTIONS: false)

• Documentation: Custom Flavors
• Command: npx [email protected] --custom-flavor-setup --custom-flavor-linters PYTHON_BLACK,PYTHON_FLAKE8,PYTHON_ISORT,PYTHON_BANDIT,PYTHON_MYPY,PYTHON_RUFF,ACTION_ACTIONLINT,BASH_EXEC,BASH_SHELLCHECK,BASH_SHFMT,CSHARP_CSHARPIER,CSHARP_ROSLYNATOR,CSS_STYLELINT,DOCKERFILE_HADOLINT,EDITORCONFIG_EDITORCONFIG_CHECKER,ENV_DOTENV_LINTER,GROOVY_NPM_GROOVY_LINT,HTML_DJLINT,HTML_HTMLHINT,JAVA_CHECKSTYLE,JSON_JSONLINT,JSON_V8R,JSON_PRETTIER,MARKDOWN_MARKDOWNLINT,REPOSITORY_CHECKOV,REPOSITORY_GIT_DIFF,REPOSITORY_GITLEAKS,REPOSITORY_KICS,REPOSITORY_SECRETLINT,REPOSITORY_SYFT,REPOSITORY_TRIVY,REPOSITORY_TRIVY_SBOM,REPOSITORY_TRUFFLEHOG,XML_XMLLINT,YAML_PRETTIER